package com.im.oauth2.config;

import com.im.oauth2.service.SuccessHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/** @author gongym */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
  /** 自定义登录成功处理器 */
  private SuccessHandler successHandler;

  @Autowired
  public ResourceServerConfig(SuccessHandler successHandler) {
    this.successHandler = successHandler;
  }

  @Override
  public void configure(HttpSecurity http) throws Exception {
    http.formLogin()
        .successHandler(successHandler)
        .and()
        .authorizeRequests()
        .anyRequest()
        .authenticated()
        .and()
        .requestMatchers()
        .antMatchers(HttpMethod.OPTIONS, "/oauth/**")
        .and()
        .cors()
        .and()
        .csrf()
        .disable();
  }
}
